WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/dell/DNOS-PORTSECURITY-PRIVATE-MIB

331 lines
13 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

-- Port Security MIB overview:
-- Port Security MIB falls under dnOS MIB node of the private subtree.
DNOS-PORTSECURITY-PRIVATE-MIB DEFINITIONS ::= BEGIN
-- Broadcom DNOS Port Security MIB
-- Copyright 2016-2021 Broadcom.
-- This SNMP Management Information Specification
-- embodies Broadcom's confidential and proprietary
-- intellectual property. Broadcom retains all title
-- and ownership in the Specification including any revisions.
-- This Specification is supplied "AS IS", Broadcom
-- makes no warranty, either expressed or implied,
-- as to the use, operation, condition, or performance of the
-- Specification.
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
Unsigned32 FROM SNMPv2-SMI
TEXTUAL-CONVENTION,RowStatus,
MacAddress FROM SNMPv2-TC
ifIndex FROM IF-MIB
DisplayString FROM RFC1213-MIB
dnOS FROM DELL-REF-MIB;
fastPathPortSecurity MODULE-IDENTITY
LAST-UPDATED "202112140000Z" -- 14 December 2021 12:00:00 GMT
ORGANIZATION "Dell"
CONTACT-INFO ""
DESCRIPTION
"The Broadcom Private MIB for DNOS Port Security Feature."
-- Revision history.
REVISION
"202112140000Z" -- 14 December 2021 12:00:00 GMT
DESCRIPTION
"Secure MAC aging related changes."
REVISION
"201101260000Z" -- 26 January 2011 12:00:00 GMT
DESCRIPTION
"Postal address updated."
REVISION
"200705230000Z" -- 23 May 2007 12:00:00 GMT
DESCRIPTION
"Dell branding related changes."
::= { dnOS 20 }
--**************************************************************************************
-- agentPortSecurityGroup -> contains MIB objects displaying Port Security
-- and associated Functionality
--
--**************************************************************************************
agentPortSecurityGroup OBJECT IDENTIFIER ::= { fastPathPortSecurity 1}
agentGlobalPortSecurityMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Mode showing whether at the global level, port security is enabled or not."
DEFVAL { disable }
::={ agentPortSecurityGroup 1 }
agentPortSecurityTable OBJECT-TYPE
SYNTAX SEQUENCE OF AgentPortSecurityEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A table for Port Security and associated functionality."
::= { agentPortSecurityGroup 2 }
agentPortSecurityEntry OBJECT-TYPE
SYNTAX AgentPortSecurityEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Represents entry for port security table"
INDEX { ifIndex }
::={ agentPortSecurityTable 1}
AgentPortSecurityEntry ::=
SEQUENCE {
agentPortSecurityMode
INTEGER,
agentPortSecurityDynamicLimit
Unsigned32,
agentPortSecurityStaticLimit
Unsigned32,
agentPortSecurityViolationTrapMode
INTEGER,
agentPortSecurityStaticMACs
DisplayString,
agentPortSecurityLastDiscardedMAC
DisplayString,
agentPortSecurityMACAddressAdd
DisplayString,
agentPortSecurityMACAddressRemove
DisplayString,
agentPortSecurityMACAddressMove
INTEGER,
agentPortSecurityStickyMode
INTEGER,
agentPortSecurityAgingTime
Unsigned32
}
agentPortSecurityMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Mode showing whether at port level security is enabled or not."
DEFVAL { disable }
::={ agentPortSecurityEntry 1 }
agentPortSecurityDynamicLimit OBJECT-TYPE
SYNTAX Unsigned32(0..600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable signifies the limit of dynamically locked MAC addresses
allowed on a specific port."
DEFVAL { 600 }
::={ agentPortSecurityEntry 2 }
agentPortSecurityStaticLimit OBJECT-TYPE
SYNTAX Unsigned32(0..20)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable signifies the limit of statically locked MAC addresses
allowed on a specific port."
DEFVAL { 20 }
::={ agentPortSecurityEntry 3 }
agentPortSecurityViolationTrapMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable is used to enable or disable the sending of new violation
traps designating when a packet with a disallowed MAC address is
received on a locked port."
::={agentPortSecurityEntry 4 }
agentPortSecurityStaticMACs OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This variable displays the statically locked MAC addresses for port.
The list displayed in a particular fashion :
2 a0:b1:c2:d1:e3:a1,11 a0:b1:c2:d3:e4:f5
(i.e., VLAN MAC pairs followed by a 1 or 0 to indicate a sticky entry, separated by commas)."
::={agentPortSecurityEntry 6 }
agentPortSecurityLastDiscardedMAC OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This variable displays the vlan-id and source MAC address of the last packet that was
discarded on a locked port."
::={agentPortSecurityEntry 7 }
agentPortSecurityMACAddressAdd OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB variable accepts a VLAN id, MAC address and the sticky value to be added to the list
of statically locked MAC addresses on a port. The VLAN id, MAC address and sticky value combination
would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1 1(the vlan-id, MAC address
and sticky value separated by blank-spaces)."
::={ agentPortSecurityEntry 8 }
agentPortSecurityMACAddressRemove OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This MIB variable accepts a VLAN id and MAC address to be removed from the list
of statically locked MAC addresses on a port.. The VLAN id and MAC address combination
would be entered in a particular fashion like :- 2 a0:b0:c0:d1:e2:a1(the vlan-id and
MAC address separated by a blank-space)."
::={ agentPortSecurityEntry 9 }
agentPortSecurityMACAddressMove OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When this object is enabled, all the dynamically locked MAC addresses will
be moved to statically locked addresses on a port. GET operation on this object will display
disable."
::={ agentPortSecurityEntry 10 }
agentPortSecurityStickyMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to configure port level security sticky mode in a port."
DEFVAL { disable }
::={ agentPortSecurityEntry 11 }
agentPortSecurityAgingTime OBJECT-TYPE
SYNTAX Unsigned32(0..1440)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object signifies the inactivity duration (in minutes) after which dynamically
locked MAC addresses on a specific port are removed. Aging is disabled when 0 is
configured as aging time."
DEFVAL { 5 }
::={ agentPortSecurityEntry 12 }
--**********************************************************************--
agentPortSecurityDynamicTable OBJECT-TYPE
SYNTAX SEQUENCE OF AgentPortSecurityDynamicEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A table for Port Security Dynamic and associated functionality."
::= { agentPortSecurityGroup 3 }
agentPortSecurityDynamicEntry OBJECT-TYPE
SYNTAX AgentPortSecurityDynamicEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Represents entry for port MAC Locking table"
INDEX { ifIndex,agentPortSecurityDynamicVLANId,agentPortSecurityDynamicMACAddress }
::={ agentPortSecurityDynamicTable 1}
AgentPortSecurityDynamicEntry ::=
SEQUENCE {
agentPortSecurityDynamicVLANId
Unsigned32,
agentPortSecurityDynamicMACAddress
MacAddress
}
agentPortSecurityDynamicVLANId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Source VLAN id of the packet that is received on the dynamically locked port."
::={agentPortSecurityDynamicEntry 1 }
agentPortSecurityDynamicMACAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Source MAC address of the packet that is received on the dynamically locked port."
::={ agentPortSecurityDynamicEntry 2 }
agentGlobalPortSecurityStickyMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to apply the Sticky Mode to all ports.
This is write-only value. It always returns 'disable' on request"
DEFVAL { disable }
::={ agentPortSecurityGroup 4 }
agentGlobalPortSecurityViolationTrapMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable is used to enable or disable the sending of new violation
traps designating when a packet with a disallowed MAC address is
received on a locked port. The configuration will be done on all ports.
This is write-only value. It always returns 'disable' on request"
DEFVAL { disable }
::={ agentPortSecurityGroup 5 }
--**************************************************************************************
-- agentPortSecurity Traps
--
--**************************************************************************************
agentPortSecurityTraps OBJECT IDENTIFIER ::= { fastPathPortSecurity 2 }
agentPortSecurityViolation NOTIFICATION-TYPE
OBJECTS {
ifIndex,
agentPortSecurityLastDiscardedMAC
}
STATUS current
DESCRIPTION
"Sent when a packet is received on a locked port with a source MAC address
that is not allowed."
::= { agentPortSecurityTraps 1 }
END
View Git Blame Copy Permalink